Manager/Associate Director, Cyber Security

KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients' needs and their industries. Not only do we have an overriding commitment to provide the highest quality services for our clients, but we also strive to become a responsible corporate citizen that has a positive impact on our environment and community. At KPMG, you'll translate insights into action and reveal opportunities for all-our teams, our clients and our world.

Service Line Overview

At KPMG's Consulting practice, we do not limit ourselves to either strategy or implementation. We deliver both. Our Hong Kong division is the fastest growing within KPMG China and represents a young and enthusiastic team that always pushes for success. Since our inception, we have acquired in-depth knowledge of an incredibly broad range of sectors and services.

KPMG is the firm that views cyber security as a business enabler, and not just an IT issue. From the boardroom to back office, we help clients through Strategy and Governance, Transformation, Cyber Defense and Cyber Response. So that they are prepared for uncertainty and use cyber security to advance the business, not stand in the way.

Our wide range of projects includes Cyber Strategy, Cyber Digital Transformation, Governance & Risk, as well as a growing presence in Attack & Penetration Tester or Ethical Hacker. We are keen to speaking with cyber security specialists with various expertise and experiences to join our growth story.

We are now seeking Manager / Associate Director candidates for Cyber Security Team.

Key Responsibilities
Lead cyber security engagements including security strategy, policy and architecture, information privacy and governance, certification and compliance, business and technology resilience and security testing. Communicate technical issues in business terms with senior management and deliver value using a pragmatic approach to the technical components of information security. Lead Cybersecurity Maturity Assessments and Cybersecurity Control Gap Remediation (covering the design and implementation of controls to address the people, process and technology risks) projects. Assess the IT security architecture across application, database, operating system, hardware platforms (including web and mobile) and network infrastructure -for vulnerabilities to cyber-attack Lead Cybersecurity Maturity Assessments by assessing cyber risk factors across 6 functional domains - Leadership & Governance, Human Factors, Information Risk Management, Business Continuity, Technology & Operations, Legal & Compliance Design and implement processes for Identity & Access Controls, Cyber Incident Management, Intrusion Detection, Threat Intelligence, Cyber Data Analytics, Security Monitoring, etc. Identify and communicate engagement findings to senior management and client personnel Provide strategic advice to our clients Take the lead role in continuously enhancing the existing cyber assessment methodologies. Drive marketing and training materials to help develop staff awareness within the company and communicate KPMG's capabilities to clients Build and maintain relationships with existing and prospective clients, and develop / improve your network of business contacts Lead with scoping prospective engagements and developing proposals Take an active role in KPMG's global community of security professionals, assist with research into vulnerabilities and develop our ability to perform security engagements Work with multi-level of our clients from C-level executives, senior and management staff to on-the-ground professionals

Experience & Background
Bachelor's degree or above in cybersecurity, technology, engineering, or business studies with information systems major/minor from an accredited college / university along with deep interest in technology risk, security and IT governance will be considered 5+ years' experience, ideally within a professional services environment or internal consultancy function delivering cyber security related projects Experience in financial services is preferred Professional qualification holder will be preferrable ( OSCP, CISSP, CRISC, CISA, CISM, PMP or other relevant qualifications) Prior consulting experience in information security preferred, ideally within a professional services environment or internal consultancy function delivering cyber security related services Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese) Has strong knowledge on the below skillsets are preferrable
-Interpersonal skills with a demonstrated ability to gain the confidence and respect of senior level executives

-Client services orientation and accustomed to taking an active role in executing client engagements

-Analytical skills and the ability to develop thought leadership publications

-Knowledge of enterprise technologies, especially networking principles and internet-based technologies, with self-motivated learning ability

-Knowledge of internet application security, including common internet application vulnerabilities and network architecture to support internet applications

-Knowledge base in operations, enterprise networking, operating systems and database security evaluation and architecture

-Knowledge of IT security vendor products
Candidate with less experience will be considered as Manager
• Additional Qualifications for Associate Director
A minimum of eight years of relevant experience Demonstrated ability to build market presence, identify business opportunities, lead project engagements, attract new business, and build lasting professional relationships with senior client executives

Benefits we offer

KPMG is looking for someone who is passionate about helping our clients with their cybersecurity challenges. In return, we are helping you to develop your skills and career within the KPMG network.
Well-structured career development and learning path, 1-to-1 coaching by our partners Access to various learning resources Wide exposure to working with leading financial institutions and multi-national corporations Continuous sponsorship and support on professional certificate development Work in a passionate team with blended technology risk and cybersecurity talents

About KPMG

At KPMG China, we are committed to being an equal opportunity employer, with zero tolerance for any form of discrimination against any persons. It is important for us to create an inclusive, diverse and agile workplace for our people to develop and thrive at both a personal and professional level.

We strive to make ESG (environmental, social and governance) a watermark running through our organisation; from empowering our people to become agents of positive change, to providing better solutions and services to our clients to help them achieve their ESG goals. View Our Impact Plan to learn more about our ESG commitments and progress across four key pillars - Governance, People, Planet and Prosperity - and how we make a positive impact on our people, environment and society.

We encourage you to come as you are, and we welcome all qualified candidates to apply, and hope you unlock opportunities with us. Visit KPMG China website for more company information.

You acknowledge and agree that all personal information hereby provided regarding yourself will be used by KPMG China for its candidate selection purposed only. KPMG China collects, uses, processes, and retains your personal information in accordance with KPMG China's Online Privacy Statement and/or KPMG China Privacy Statement (collectively "Privacy Statement"). During the recruitment process, KPMG China may need to store personal information of candidates in a designated third-party application tracking platform.

If you have any questions regarding the information you provided in the form or your job application in general, please contact KPMG China's HR personnel in the location where your application is submitted [see here].